I want to prevent anyone from using my ors backend

good afternoon everyone! I wanted to ask you for help, I have built my own openrouterservice server, but my question is how can I implement tockens to prevent anyone from using it.

Hi @chirs88,

there are a lot of different ways to achieve that, but none of them is really openrouteservice related.
(so best just research a bit on how to secure a web application)

You could do this on the webserver you are using, e.g. for apache:
You could directly limit access to your IP (also apache as example)
Or you could even implement authentication in the ors code itself by setting up Security for Spring:
e.g. https://spring.io/guides/gs/securing-web/

Or you could use a API management software to handle this like kong, tyk, mulesoft etc. which is a bit more complex to setup and probably over the top for your use case but offers a lot of additional stuff.

Best regards

1 Like

Thanks for the quick response, Iā€™m going to investigate then.